[
https://issues.apache.org/jira/browse/SOLR-5998?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13975495#comment-13975495
]
Uwe Schindler commented on SOLR-5998:
-------------------------------------
The vulnerability of Solr to Heartbleed is out of our control. It depends on
the SSL library used by the Java virtual machine used to run Solr. The official
Oracle ones are not vulnerable, because they dont use OpenSSL, but I would not
be sure about OpenJDK on various unpatched Linux distributions!!!
We should add this to the Wiki page, too.
> Is Apache Solr 1.0 vulnerable to Heartbleed
> -------------------------------------------
>
> Key: SOLR-5998
> URL: https://issues.apache.org/jira/browse/SOLR-5998
> Project: Solr
> Issue Type: Bug
> Reporter: Lynn Clara
>
> What would to check whether if there is any documented info on whether Apache
> Solr 1.0 is vulnerable to Heartbleed? If so, any available fixes? thks
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
